It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Access

Network

  • Last updated on

Requirements

  • These are the network requirements for a secure working installation:

    • Internal resources (configured from the CloudGen Access Console) can only communicate with the internal leg of the Envoy Proxy.

    • The Envoy proxy has an internal leg and an internet-facing leg.

    • The Internet-facing leg needs to expose the configured CloudGen Access Proxy port.

Firewall Configuration

All values are assumed to be default values.

ComponentDescriptionDirectionProtocol / PortMode
Envoy Proxy

Access portInboundConfigured in ConsoleAll
Registered resourcesOutboundConfigured in ConsoleAll
CloudGen Access Proxy OrchestratorOutboundTCP 50051All
CloudGen Access Proxy Orchestrator

Envoy Proxy ClusterInboundTCP 50051All
CloudGen Access Console APIOutboundTCP 443All
RedisOutboundConfigured Redis portHA mode

Network Diagram

cg_access_ap-net_single_mode.png